Commit c1329519 authored by cdanger's avatar cdanger

- maxVariableDepth/maxPolicyRefDepth changed from Integer to BigInteger

parent c1b78910
......@@ -17,6 +17,7 @@ import java.io.Closeable;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.math.BigInteger;
import java.util.Collections;
import java.util.List;
......@@ -319,11 +320,28 @@ public class PdpConfigurationParser
// decision cache
final AbstractDecisionCache jaxbDecisionCache = pdpJaxbConf.getDecisionCache();
final Integer maxVarRefDepth = pdpJaxbConf.getMaxVariableRefDepth();
final Integer maxPolicyRefDepth = pdpJaxbConf.getMaxPolicyRefDepth();
return new PDPImpl(attributeFactory, functionRegistry, pdpJaxbConf.getAttributeProviders(), maxVarRefDepth == null ? -1 : maxVarRefDepth, enableXPath, combiningAlgRegistry,
pdpJaxbConf.getRootPolicyProvider(), pdpJaxbConf.getRefPolicyProvider(), maxPolicyRefDepth == null ? -1 : maxPolicyRefDepth, pdpJaxbConf.getRequestFilter(),
pdpJaxbConf.isStrictAttributeIssuerMatch(), decisionResultFilter, jaxbDecisionCache, envProps);
final BigInteger bigMaxVarRefDepth = pdpJaxbConf.getMaxVariableRefDepth();
final int maxVarRefDepth;
try
{
maxVarRefDepth = bigMaxVarRefDepth == null ? -1 : org.ow2.authzforce.core.pdp.impl.value.IntegerValue.intValueExact(bigMaxVarRefDepth);
} catch (ArithmeticException e)
{
throw new IllegalArgumentException("Invalid maxVariableRefDepth: " + bigMaxVarRefDepth, e);
}
final BigInteger bigMaxPolicyRefDepth = pdpJaxbConf.getMaxPolicyRefDepth();
final int maxPolicyRefDepth;
try
{
maxPolicyRefDepth = bigMaxPolicyRefDepth == null ? -1 : org.ow2.authzforce.core.pdp.impl.value.IntegerValue.intValueExact(bigMaxPolicyRefDepth);
} catch (ArithmeticException e)
{
throw new IllegalArgumentException("Invalid maxPolicyRefDepth: " + bigMaxPolicyRefDepth, e);
}
return new PDPImpl(attributeFactory, functionRegistry, pdpJaxbConf.getAttributeProviders(), maxVarRefDepth, enableXPath, combiningAlgRegistry, pdpJaxbConf.getRootPolicyProvider(),
pdpJaxbConf.getRefPolicyProvider(), maxPolicyRefDepth, pdpJaxbConf.getRequestFilter(), pdpJaxbConf.isStrictAttributeIssuerMatch(), decisionResultFilter, jaxbDecisionCache, envProps);
}
private static boolean isXpathBased(Function<?> function)
......
......@@ -175,6 +175,23 @@ public final class IntegerValue extends NumericValue<BigInteger, IntegerValue> i
return doubleVal;
}
/**
*
* Converts this value to an int, checking for lost information. If the value of this BigInteger is out of the range of the int type, then an ArithmeticException is thrown.
* <p>
* TODO: replace with Java 8 native equivalent - BigInteger#intValueExact() - after upgrade to Java 8
*
* @see <a href="https://www.securecoding.cert.org/confluence/display/java/NUM00-J.+Detect+or+prevent+integer+overflow">The CERT Oracle Secure Coding Standard for Java - NUM00-J. Detect or prevent
* integer overflow</a>
* @return this converted to an int
* @throws java.lang.ArithmeticException
* if the value of this will not exactly fit in a int.
*/
public int intValueExact() throws ArithmeticException
{
return intValueExact(value);
}
/**
*
* Converts BigInteger to an int, checking for lost information. If the value of this BigInteger is out of the range of the int type, then an ArithmeticException is thrown.
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment